Should server's certificate conform to RFC7925?

[malishav]

Based on @EskoDijk 's review in https://mailarchive.ietf.org/arch/msg/ace/I70MHcCzSfPIy28lDqxEOcllgJw/:

3.2 Certificate-based Authentication

… EST client certificate SHOULD conform to [RFC7925] …

That holds also for the server certificate, I think? If the server’s cert is not lightweight, then just optimizing the client’s cert helps only for 50%. RFC 7925 defines the profile for both client and server.

[malishav]

Change to include EST server certificate conformant with [RFC7925].